University of Oregon

Heartbleed Details and FAQ

There is significant national attention on an internet security flaw, and UO Information Services has worked quickly to assess the university’s vulnerabilities and implement solutions where needed.

On April 7, the security flaw known as Heartbleed, was discovered. The vulnerable software, OpenSSL, is part of many websites and online services and is used to secure Internet communications. The flaw allows hackers to get personal information without detection.

By April 9, Information Services had evaluated all University of Oregon central technology services and either determined they were not affected or patched the software. This includes key services such as email, Banner, DuckWeb, and Blackboard.

As part of this work, Information Services will need to restart services between 12:00pm on Thursday, April 10 and midnight on Sunday, April 13 as part of this work. You should not see any interruptions. However, in a few circumstances, services may be unavailable for 5 or 10 minutes.

Information on service status is online at http://status.uoregon.edu.

Information Services are determining a course of action for requesting password changes.

For answers to frequently asked questions about Heartbleed at the University of Oregon, see http://it.uoregon.edu/heartbleed-faq.